49313009410afca95b49c22a00c67a9139a1aac53da221c487a60ba9d5fb7f47 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c261abc8dfe938a71b4f213f54cf7654_JaffaCakes118
Size

13.5MB
Sample

240826-gckx5axgna
MD5

c261abc8dfe938a71b4f213f54cf7654
SHA1

e91071944e9fd35b5bcab84e8a5f9329834e2152
SHA256

49313009410afca95b49c22a00c67a9139a1aac53da221c487a60ba9d5fb7f47
SHA512

0749c66d76515bca1d3097c6bd63b6283f03746f7a36ab3e40c0d2bf62af53d0f47dd5abb42e46197a86b6f9989c80bf03292087a068525399d0391ec01f2500
SSDEEP

196608:QHSB54tnobSt7H4e+Hunvh+vk9RaiFbwFZ/XjoYssVCj6LCtZ8c1NFOH5Yl0OJLu:ySTcUSpH4eSyh+Meiq/U7aCtZ/+Wlz6

Score

7^/10

discovery vmprotect

Malware Config

Targets

- Target
  
  c261abc8dfe938a71b4f213f54cf7654_JaffaCakes118
- Size
  
  13.5MB
- MD5
  
  c261abc8dfe938a71b4f213f54cf7654
- SHA1
  
  e91071944e9fd35b5bcab84e8a5f9329834e2152
- SHA256
  
  49313009410afca95b49c22a00c67a9139a1aac53da221c487a60ba9d5fb7f47
- SHA512
  
  0749c66d76515bca1d3097c6bd63b6283f03746f7a36ab3e40c0d2bf62af53d0f47dd5abb42e46197a86b6f9989c80bf03292087a068525399d0391ec01f2500
- SSDEEP
  
  196608:QHSB54tnobSt7H4e+Hunvh+vk9RaiFbwFZ/XjoYssVCj6LCtZ8c1NFOH5Yl0OJLu:ySTcUSpH4eSyh+Meiq/U7aCtZ/+Wlz6
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/DLLWaitForKillProgram.dll
- Size
  
  28KB
- MD5
  
  9c4b8ec42d89f7557bfd90798ce52787
- SHA1
  
  2376dde426ea65aa27c30e304086310605382475
- SHA256
  
  ed52bdad7b383a179b9b0e21fefdda2d72695c5263a815d5e1e0bfac6c718548
- SHA512
  
  17c12a27a08746755868558c037376dd7e20f03f0f71888c1329903b70975a54f57786c3c32bf88aaf30119f11ed978a6830ba91949e11cfc94fbb5ad95305b7
- SSDEEP
  
  96:EP5ZuFye0MyQW4uPwhs+R/+gFrE1m/U/uG98bp2y+HS21kEZ1b+4Tu9C1uGg8wBu:akFyFRQ5wIzlH/UGq36EZY4T+Gul8U
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/DLLWebCount_new.dll
- Size
  
  28KB
- MD5
  
  f16f5feebd9b431a8bc63456c0ad267c
- SHA1
  
  acc75cfa3ed7888334aa2ccf305a6c6c58a08aaf
- SHA256
  
  5417af0fc8284e9745650a55803bb34217e314096dc7cedf113c960624ae08ad
- SHA512
  
  ed1e62d903b511a29abd5def4419b5afa63699ee2d1c91a9d884ffb01d7debe5981559574cac4885140d1f27f4275be56236f5c6f1c327147dcac8893f965512
- SSDEEP
  
  96:3YP18J49uJPeaFX/0gOtJ/9nMjbnbk2Zl1bU6i9vtmAuSBudGaTA:3f1bFX/rOtJ/lMvbfJU6snpYdb
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/Dialer.dll
- Size
  
  3KB
- MD5
  
  a29b5c457f61822759df6f9d370292fd
- SHA1
  
  b57644f0a30e2e5d2fea790b27c21574494a8850
- SHA256
  
  c384decad4baf8c3f1dbe0e02bc7b76f11e5793ccc164b6857d8fe9eb5a9903a
- SHA512
  
  4d3651f88c655903bab97ccde0d41eec78c4cc7b6a32472c6c1531138f56359a8b13ccff698ebb4aa9e76a83c38388ddd27cac7b15a2a7b83a9cb7a4dacdba0b
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/FILEDownPlug120308.dll
- Size
  
  28KB
- MD5
  
  89c563060d908e5df6848ad15731e6d0
- SHA1
  
  404d8d41700ecc907e5b7c849a0dcde8edda1e72
- SHA256
  
  8bd1c61e9be2b8b07f6dac4782a96ee9e679c5f163133a51b57e1ecd72f3eff9
- SHA512
  
  8eb86ed92ba4d3305a954d824a1ffc23d9aef02559c794c085f67583f32d8228834b09ad45edfd8a78b4634e62344f53e1106db64134b8dd2c5e0fae391da763
- SSDEEP
  
  384:UCpErQTFze4TRt19H9emlJfbyLx/etuFVclW:YkTA4n19H9jbZMKlW
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/IEFunctions.dll
- Size
  
  3KB
- MD5
  
  9701818d39318145dd164794ef3a3846
- SHA1
  
  7db701f8dc19163d46ba88e8b68d8dbf428a8152
- SHA256
  
  3122b0413f74e88518cfd1b9c6e18435dd326ca177a2374b6405df78f43e776a
- SHA512
  
  d92786630250e9eb6c47537b09684fa107f959b50d255c7f3952741eb438c3be47e171827d3a4407b049c33c12dad73f8ec381a7265b28a6d8ca101ff702e8a4
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  eef9e469e8a30717974499f277d97e2a
- SHA1
  
  2d33c25984ebd9116beeb55cdde4c5c86c023e5d
- SHA256
  
  1f35bb6728237483c779005fc227e69fef51b0bafd32d15855d483948a337078
- SHA512
  
  d860132106a1c03dfa23f983b3c503f1216ac02f3d47833b96dfb333fb30bc8ab4d4fecd1f1f0a89f0c7f3586405461e2d53c26f282bb48970e549659b364b48
- SSDEEP
  
  192:8np6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+MTjK72dwF7dBEnbok:8p6UdHXcIiY535zBtMTj+BEnbo
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/KillProcDLL.dll
- Size
  
  32KB
- MD5
  
  83142eac84475f4ca889c73f10d9c179
- SHA1
  
  dbe43c0de8ef881466bd74861b2e5b17598b5ce8
- SHA256
  
  ae2f1658656e554f37e6eac896475a3862841a18ffc6fad2754e2d3525770729
- SHA512
  
  1c66eab21f0c9e0b99ecc3844516a6978f52e0c7f489405a427532ecbe78947c37dac5b4c8b722cc8bc1edfb74ba4824519d56099e587e754e5c668701e83bd1
- SSDEEP
  
  384:3rYz6grZodORNWATt4TBmlk5ooyzFh7BukAUdJoUtSOSR:3QggDWATWNCFh7BNddJoxO+
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/SelfDelete.dll
- Size
  
  24KB
- MD5
  
  7bf1bd7661385621c7908e36958f582e
- SHA1
  
  43242d7731c097e95fb96753c8262609ff929410
- SHA256
  
  c0ad2c13d48c9fe62f898da822a5f08be3bf6c4e2c1c7ffdf7634f2ca4a8859e
- SHA512
  
  8317af5cc3ac802eb095f3fa8cc71daa1265ca58fead031c07872f3d4bb07663a7002ae734fad392a7617f0923fe0caf1f54ed55afdf8516a6a08e202d86fa7f
- SSDEEP
  
  96:1dIrJYYrzPpqAAZ9sNIaI2y9WulXEGNRrG:nuYATpq/viyYuEYRr
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c6f5b9596db45ce43f14b64e0fbcf552
- SHA1
  
  665a2207a643726602dc3e845e39435868dddabc
- SHA256
  
  4b6da3f2bdb6c452fb493b98f6b7aa1171787dbd3fa2df2b3b22ccaeac88ffa0
- SHA512
  
  8faa0204f9ed2721acede285be843b5a2d7f9986841bcf3816ebc8900910afb590816c64aebd2dd845686daf825bbf9970cb4a08b20a785c7e54542eddc5b09a
- SSDEEP
  
  192:qADKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQbVUSF:qAViJrtFRdbmXK8+WVUw
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/UserMgr.dll
- Size
  
  55KB
- MD5
  
  130f66c0161e6da46744abe3c0be4d9c
- SHA1
  
  d2a44a0cd07bc0c5d81fc0d056d6d45d200896ed
- SHA256
  
  955705c8c7188d06af16849e5cc3ceae79ea5d0808cc2851630a54d54bbc01f2
- SHA512
  
  915b9135da230ec8d3016ba83bd7102b3f8cb13050189a176f8d4d50363f13584fb971226458bc493cd2df27723c8ab7273effab7d6c6e14d49e735d24d7fac8
- SSDEEP
  
  768:fThBSJtwQegACHpCygw5eKeK/B/viiTRvTkujLWf2UEHzDSZA7yM5jt/BJE4lV:7SCQeLCHpCyNV9ZTRbkuOQzyMVt/blV
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/daemonen.dll
- Size
  
  62KB
- MD5
  
  5052c803182ff521ee393ccf46f373b6
- SHA1
  
  c2c1a5e8cd10c9842550ef4aae1ea9ffd5fd9021
- SHA256
  
  cd3df3d94192073f9feaf44427cffad97eb6d4cfc82009c271ac67e1b96f8579
- SHA512
  
  849e0c5af84f8732e2a9a57d0ab6e25316811b36e27dcbcc64e11ab192b2cef6c39cb26091284e26e9be8f00b3b6e2a8e48564da9f7ef1910bbb880c296f9ff1
- SSDEEP
  
  768:PyOJus6zjqcWdwUYYEBgH5aK15qVIB6fHz4T5EKI+kgJa56Eoz3rPt8Uq:PyOJH1YYCe15qugf8I+kg40zLt8
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  cdff6b8f9523b6ef9f20fb5f9e90f1a5
- SHA1
  
  b25f6e0a19b41ff0a12de8e98e3005bc119d34fa
- SHA256
  
  80b2740fb3a21ffab022a96ce6b420019072f8ef3a048fd9dea4a5b64498c0c8
- SHA512
  
  62585c6a6103aed10f9a79c016df8cb630c3e37715542b5f26aa1a910771540c9b323ddbba3329db0ecf524143f7a27b782e198ce944317f764be6b9d04b792e
- SSDEEP
  
  96:W7GUb+YNfwgcr8zyKwZ5S4JxN8BS0ef9/3trCUTMxVXw32E:IKgfwgcr8zylsB49lrCUTMxVX7
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/nsisos.dll
- Size
  
  5KB
- MD5
  
  69806691d649ef1c8703fd9e29231d44
- SHA1
  
  e2193fcf5b4863605eec2a5eb17bf84c7ac00166
- SHA256
  
  ba79ab7f63f02ed5d5d46b82b11d97dac5b7ef7e9b9a4df926b43ceac18483b6
- SHA512
  
  5e5e0319e701d15134a01cb6472c624e271e99891058aef4dfe779c29c73899771a5b6f8b1cd61b543a3b3defeaecaa080c9cc4e76e84038ca08e12084f128eb
- SSDEEP
  
  48:6EyuygeHCfxwU5x+6kx/k1gONv27oBc2OkIrHHl:VeHCf2762kKsu7oGjkIrn
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  $PLUGINSDIR/xml.dll
- Size
  
  118KB
- MD5
  
  42df1fbaa87567adf2b4050805a1a545
- SHA1
  
  b892a6efbb39b7144248e0c0d79e53da474a9373
- SHA256
  
  e900fcb9d598643eb0ee3e4005da925e73e70dbaa010edc4473e99ea0638b845
- SHA512
  
  4537d408e2f54d07b018907c787da6c7340f909a1789416de33d090055eda8918f338d8571bc3b438dd89e5e03e0ded70c86702666f12adb98523a91cbb1de1d
- SSDEEP
  
  1536:U2A8OSGjylgkara+70LICin9zgtg2LxowhtJu6MqSNicNEtIfF42q2KC:OzjLkarn7O+n9z2L6whFtGF42bK
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  add_drive.html
- Size
  
  2KB
- MD5
  
  c7d5be5bb3c87c71271a7db9fc6299ef
- SHA1
  
  fd6ffe3b6829ec9c4113723fcd0d207ffb55fc4a
- SHA256
  
  6ed4f8ee6470181a5b8f7c255028a2ec9c70e1d1b14a68821862e2fef5ff1200
- SHA512
  
  4c1f875466ea234ae97de2be2c8b159510d662e6bc92e7951580449663a510cf62baecaed4609531caf1ee3176a5a80af871131a62e4cec2fe7ebebb2a9be78c
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32